
I found out recently my IP had been blacklisted and thus I couldn't send any emails. On the CBL site it says...

"IMPORTANT: Many CBL/XBL listings are caused by a vulnerability in Mikrotik routers. If you have a Mikrotik router, please check out the Mikrotik blog on this subject and follow the instructions before attempting to remove your CBL listing."

I have a MikroTik router, so I wondered: how do they know? Is this information contained in any packets of data sent to and from a server when sending an email, and the IP was blacklisted preemptively, or has someone hacked my router and done something to get me blacklisted?


FWIW, this is more of a hypothetical question than a 'what I did' one, but FYI I wasn't doing anything blacklist-worthy like running a mail server for example. Just normal everyday use of a normal PC connected to a home network.

The question is simply: when sending an email, is there anything in that process that passes on the details (i.e. model and firmware version) of your router?

Giacomo1968
  • 58,727
Doob
  • 23

1 Answer


We don't know what you did so we cannot answer conclusively. But there is a chance that your router became a bot-slave and was black-listed, and in that case there is also the possibility that it infected your computer(s).

All I can suggest is to first factory-reset your router, then follow this Mikrotik blog on the subject, and finally run antivirus scans by several well-known companies on all your computers.

If any infection is found, you can find more information in the post "How can I remove malicious spyware, malware, adware, viruses, trojans or rootkits from my PC".

harrymc
  • 498,455